REMARKS 

Claims 1-66 are pending in the application, with claims 46-66 having been withdrawn 
pursuant to a Restriction Requirement. By this Amendment, claims 1, 2, 4, 6, 8, 10, 12, 14, 18, 
20, 22, 26-28, 30, 33, 34, and 38-43 are amended; claims 11,13, 17, 3 1, 32, and 46-66 are 
cancelled; and claim 67 is newly presented. Applicants request reconsideration and allowance 
in view of the above amendments and the following remarks. 

Drawing Objections 

The drawings are objected to for using the same reference numeral to designate two 
different items in a few instances. Additionally, the drawings are objected to because text 
labels, which were not used, are deemed to be necessary for the drawings to be understood. 
Applicants have amended the drawings to correct those issues, and they have corrected reference 
numerals in the specification accordingly. No new matter is presented by these amendments. 
Therefore, Applicants submit that the objections are overcome. 

Claim Objections 

Claims 1 and 6 are objected to for certain informalities/perceived ambiguities with 
respect to which key container is being referenced in the various instances. Applicants have 
amended those claims (as well as others) to overcome the asserted deficiencies. Therefore, 
Applicants submit that the objections are overcome. 

Rejections Under 35 U.S.C. § 1 12 

Claims 2, 4, 12-14, 18, and 22 are rejected under 35 U.S.C. § 1 12, second paragraph, for 
various asserted informalities/indefiniteness. To the extent claim 13 is cancelled, the rejection is 
moot; otherwise, Applicants have amended the claims to overcome the alleged deficiencies. 
Therefore, Applicants submit that the rejections are overcome and request that they be 
withdrawn. 

Art-Based Rejections 

Claims 1-21, 24-30, and 33-45 are rejected under 35 U.S.C. § 102(e) as anticipated by 
Bandini et al, U.S. 2008/0270789. Claims 22 and 23 are rejected under 35 U.S.C. § 103(a) as 
obvious based on Bandini in view of Elliott et al., U.S. 6,335,927, on which the Examiner relies 
for disclosure of "an authentication server that authenticates a user by checking a user name and 
password against a database of valid user names and passwords," referring to column 256, lines 
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10-32. Claims 31 and 32 are rejected under 35 U.S.C. § 103(a) as obvious based on Bandini in 

view of Ishiguro, U.S. 2003/0185399, on which the Examiner relies for disclosure of "an 

information processing apparatus that uses public key certificates the [sic] have an expiration 

date of the public key certificate," referring to Figure 27 and paragraph 204. To the extent 

claims 11, 13, 17, 31, 32, and 46-66 are cancelled, the rejections are moot; otherwise, Applicants 

request reconsideration and withdrawal of the rejections. 

Claim 1 - the only pending independent claim from which all other pending claims 

depend - has been amended to recite features previously recited in claim 1 1 (now cancelled), 

viz. , determining the type of key container that should be provided to the requestor, and claim 22 

(now amended to eliminate the subject feature), viz., that the requestor authenticates with the key 

container directory. Thus, claim 1 now specifies that the type of key container that should be 

provided to the requestor in response to the request is based on the authentication credentials. 

Support for such amendment may be found throughout the specification including, for example, 

at paragraphs 130-133 of the published application, which disclose, inter alia, that 

[t]he controller 102 determines the origin of the request by comparing the presented 
authentication credentials with a known, allocated sets of credentials. Anonymous 
requests are deemed to originate from clients on the insecure network 10 while 
authenticated requests may either originate from clients within the secure network 12 or 
from the gateway itself 14. 

With respect to the anticipation rejection of claim 1, Applicants note that Bandini is not 
indicated to anticipate claim 22. Therefore, because features of claim 22 are incorporated into 
claim 1, Applicants submit that Bandini does not anticipate claim 1 as now amended. 

Claim 22 is, however, indicated to be obvious based on Bandini in view of Elliott. 
Applicants disagree and therefore submit that claim 1 , which now recites features previously 
recited in claim 22, would not have been obvious because the combination does not yield the 
claimed invention. In particular, the combination does not include (at least) the features of 1) 
receiving a request for a key container and authentication credentials from a requestor and, in 
response to such a request, determining the type of key container that should be provided to the 
requestor based on the authentication credentials ; and 2) providing a key container of the 
determined type to the requestor containing a cryptographic key of a gateway that the message 
will transit and an address of the sender or the recipient. 

Regarding determining the type of container that should be provided to the requestor 
based on authentication credentials, although Elliot discloses an authentication server that 
authenticates a user by checking a user name and password, that authentication is used to do 
nothing more than "prevent unauthorized users from accessing the certificate lookup and 
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verification server," as stated by the Examiner at page 13 of the Office Action. In contrast, as 
now recited in claim 1, the authentication credentials are used by the key container directory to 
determine the type of key container that should be provided to the requestor. For example, in 
one embodiment of the invention, the authentication credentials are used to determine the 
relative network location of the requestor, and based on it, the key container directory 
determines whether to provide an encryption key container for an inbound message, an 
encryption key container for an outbound message, or a signing key container. 

This feature provides the advantage of backward compatibility, which is absent in 
Bandini. For example, in LDAP lookups of certificate, the requestor can only query for a key 
container based on a recipient's email address. There is no information to automatically 
determine what type of key container is requested. The invention solves this problem by using 
authentication credentials received to make the determination. 

In light of the discussion above, Applicants also submit that Bandini, either by itself or in 
combination with Elliot, does not disclose or even suggest "providing a key container of the 
determined type to the requestor," where the type is determined based on the authentication 
credentials. 

Further still, Applicants submit that Bandini, either by itself or in combination with 
Elliot, does not disclose or suggest providing a "key container . . . containing a cryptographic 
key of a gateway that the message will transit and an address of the sender or the recipient" as 
now recited in claim 1. In contrast to that feature, the email firewall in Bandini only provides 
"key pair and public key certificate," without any address of the sender or recipient coupled to it. 
(In this regard, Applicants note that the Examiner has cited paragraphs 44 and 45 in Bandini as 
being relevant. Those paragraphs only disclose identification of email client (through directory 
user records with user certificates) and selection of encryption/signature algorithms and key 
length.) By containing within the provided key container the address of the sender or recipient, 
the resulting key container is stronger than a key container that only includes a public key. 
Therefore, in the event the reliability of the key container provided by the key container 
directory is compromised, the reliant party is assured that what is provided is valid. 

Thus, for at least these reasons, Applicants submit that claim 1 (and therefore all other 
pending claims, which all depend from it) would not have been obvious over the art of record, 
and Applicants request that the various rejections be withdrawn. 
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In view of the foregoing, Applicants submit that all claims are in condition for 
allowance, and timely Notice to that effect is respectfully requested. 

The undersigned representative requests any extension of time that may be deemed 
necessary to further the prosecution of this application. 

The undersigned representative authorizes the Commissioner to charge any additional 
fees under 37 C.F.R. § 1.16 or § 1.17 that may be required, or credit any overpayment, to 
Deposit Account No. 14-1437 . referencing Attorney Docket No.: 8235.008.PCUS00 . 

In order to facilitate the resolution of any issues or questions presented by this paper, the 
Examiner may contact the undersigned directly by phone to further the discussion. 



Novak Druce + Quigg LLP 
1300 Eye Street, N.W. 
Suite 1000 West 
Washington, D.C. 20005 



Respectfully submitted, 

/Kenneth M. Fagin/ 

Kenneth M. Fagin, Esq. 
Reg. No. 37,615 
(202) 204-4662 
kcn.faginfenovakdrucc.com 
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